[Résolu] Encore des fenêtres qui s'ouvrent !

[cedlo]

Bonjour,

 

J'ai à nouveau des fenêtres qui s'ouvrent toutes seules lorsque je vais sur des sites.

Que faire ?

J'ai fais une analyses avec Avira Antivir personnal qui n'a rien détecté. Ci-dessous le résultat :

 

Avira AntiVir Personal
Report file date: vendredi 10 octobre 2008  09:27

Scanning for 1673969 virus strains and unwanted programs.

Licensed to:	  Avira AntiVir PersonalEdition Classic
Serial number:	0000149996-ADJIE-0001
Platform:		 Windows Vista
Windows version:  (Service Pack 1)  [6.0.6001]
Boot mode:		Normally booted
Username:		 SYSTEM
Computer name:	PC-DE-MUSIQUE

Version information:
BUILD.DAT	 : 8.1.0.331	  16934 Bytes  12/08/2008 11:46:00
AVSCAN.EXE	: 8.1.4.7	   315649 Bytes  04/08/2008 17:19:09
AVSCAN.DLL	: 8.1.4.0		40705 Bytes  04/08/2008 17:19:09
LUKE.DLL	  : 8.1.4.5	   164097 Bytes  04/08/2008 17:19:11
LUKERES.DLL   : 8.1.4.0		12033 Bytes  04/08/2008 17:19:11
ANTIVIR0.VDF  : 6.40.0.0	11030528 Bytes  18/07/2007 11:04:02
ANTIVIR1.VDF  : 7.0.5.1	  8182784 Bytes  24/06/2008 16:00:19
ANTIVIR2.VDF  : 7.0.7.12	 4066816 Bytes  08/10/2008 18:22:41
ANTIVIR3.VDF  : 7.0.7.20	   78848 Bytes  09/10/2008 18:21:14
Engineversion : 8.1.1.35  
AEVDF.DLL	 : 8.1.0.5	   102772 Bytes  17/04/2008 08:24:48
AESCRIPT.DLL  : 8.1.0.76	  319867 Bytes  18/09/2008 18:01:58
AESCN.DLL	 : 8.1.0.23	  119156 Bytes  04/08/2008 17:19:15
AERDL.DLL	 : 8.1.1.2	   438644 Bytes  18/09/2008 18:01:56
AEPACK.DLL	: 8.1.2.3	   364918 Bytes  24/09/2008 18:04:35
AEOFFICE.DLL  : 8.1.0.25	  196986 Bytes  18/09/2008 18:01:54
AEHEUR.DLL	: 8.1.0.59	 1438071 Bytes  18/09/2008 18:01:52
AEHELP.DLL	: 8.1.0.15	  115063 Bytes  29/05/2008 15:38:24
AEGEN.DLL	 : 8.1.0.36	  315764 Bytes  18/08/2008 17:28:55
AEEMU.DLL	 : 8.1.0.7	   430452 Bytes  04/08/2008 17:19:13
AECORE.DLL	: 8.1.1.11	  172406 Bytes  03/09/2008 17:45:58
AEBB.DLL	  : 8.1.0.1		53617 Bytes  04/08/2008 17:19:13
AVWINLL.DLL   : 1.0.0.12	   15105 Bytes  04/08/2008 17:19:09
AVPREF.DLL	: 8.0.2.0		38657 Bytes  04/08/2008 17:19:09
AVREP.DLL	 : 8.0.0.2		98344 Bytes  04/08/2008 17:19:13
AVREG.DLL	 : 8.0.0.1		33537 Bytes  04/08/2008 17:19:09
AVARKT.DLL	: 1.0.0.23	  307457 Bytes  17/04/2008 08:24:42
AVEVTLOG.DLL  : 8.0.0.16	  119041 Bytes  04/08/2008 17:19:09
SQLITE3.DLL   : 3.3.17.1	  339968 Bytes  17/04/2008 08:24:45
SMTPLIB.DLL   : 1.2.0.23	   28929 Bytes  04/08/2008 17:19:12
NETNT.DLL	 : 8.0.0.1		 7937 Bytes  17/04/2008 08:24:45
RCIMAGE.DLL   : 8.0.0.51	 2371841 Bytes  04/08/2008 17:19:03
RCTEXT.DLL	: 8.0.52.0	   86273 Bytes  04/08/2008 17:19:03

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:, D:, 
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 10 octobre 2008  09:27

Starting search for hidden objects.
'131453' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'thunderbird.exe' - '1' Module(s) have been scanned
Scan process 'FNPLicensingService.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'ChkDev.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'Belkinwcui.exe' - '1' Module(s) have been scanned
Scan process 'zgbuae.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'backWeb-8876480.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'Acrotray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'ehsched.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'DQLWinService.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'bcmwltry.exe' - '1' Module(s) have been scanned
Scan process 'wltrysvc.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
70 processes with 70 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[iNFO]	  No virus was found!
Boot sector 'D:\'
[iNFO]	  No virus was found!

Starting to scan the registry.
The registry was scanned ( '42' files ).


Starting the file scan:

Begin scan in 'C:\' <HP>
C:\hiberfil.sys
[WARNING]   The file could not be opened!
C:\pagefile.sys
[WARNING]   The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
[WARNING]   The file could not be opened!
Begin scan in 'D:\' <Recovery>


End of the scan: vendredi 10 octobre 2008  11:15
Used time:  1:48:12 Hour(s)

The scan has been done completely.

 33576 Scanning directories
927263 Files were scanned
  0 viruses and/or unwanted programs were found
  0 Files were classified as suspicious:
  0 files were deleted
  0 files were repaired
  0 files were moved to quarantine
  0 files were renamed
  3 Files cannot be scanned
927260 Files not concerned
  5271 Archives were scanned
  3 Warnings
  0 Notes
131453 Objects were scanned with rootkit scan
  0 Hidden objects were found

 

Alors si un Charles Ingals ou autres génie de l'informatique pouvait m'aider...

Merci d'avance

Cedlo

[Apollo]

Bonjour,

 

Charles Ingals

 

Tu veux dire Thanos...

Eh bien, si tu décides toi-même quel conseiller va te dépanner (...) , tu pourrais parfois attendre, c'est qu'il travaille aussi l'homme, en dehors du net.

 

Peux-tu pour les prochains rapports, ne pas les placer entre des balises stp?

 

Je veux bien t'aider, sauf si tu veux attendre Thanos...

 

@+

[Thanos]

salut cedlo

 

Apo est occupé, alors je vais te répondre

 

Quel type de fenêtre s'ouvre ? il se petu que le pc soit infecté par navipromo.

 

On va faire deux scans rapides >>

 

1°) Télécharge navilog1 de IL-MAFIOSO

• Choisis Enregistrer la cible (du lien) sous et enregistre-le fichier sur ton bureau.
  
• Ensuite double clique sur navilog1.exe pour lancer l'installation.
  
• Une fois l'installation terminée, le fix s'exécutera automatiquement.
  (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
  
• Laisse-toi guider. Au menu principal, choisis 1 et valides.
  (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
  
• Patiente jusqu'au message :

  *** Analyse Termine le ..... ***

• Appuie sur une touche comme demandé, le bloc note va s'ouvrir.
  
• Copie-colle l'intégralité dans une réponse. Referme le bloc note.
  
• Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
  

2°) Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit
  

Poste les deux rapports stp.

@++

Modifié le 10 octobre 2008 par Thanos

[cedlo]

Bonjour,

 

 

 

Tu veux dire Thanos...

Eh bien, si tu décides toi-même quel conseiller va te dépanner (...) , tu pourrais parfois attendre, c'est qu'il travaille aussi l'homme, en dehors du net.

 

Peux-tu pour les prochains rapports, ne pas les placer entre des balises stp?

 

Je veux bien t'aider, sauf si tu veux attendre Thanos...

 

@+

 

Salut,

 

oh non, je ne cherche pas un conseiller en particulier. J'avais déjà eu ce soucis et il me semblait avoir été aidée par un certain "charles ingals" mais je ne suis pas chauvine.

Je suis donc les conseils de Thanos et donne les résultats d'analyses dès que je les ai (c'est assez long !)

Modifié le 11 octobre 2008 par cedlo

[cedlo]

Salut Thanos, voici les deux rapports :

 

1/ résultat de Navilog :

 

Search Navipromo version 3.6.6 commencé le 11/10/2008 à 15:36:46,94

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

 

Outil exécuté depuis C:\Program Files\navilog1

Session actuelle : "Musique"

 

Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO

 

Microsoft Windows Vista 6.0.6001

Internet Explorer : 7.0.6001.18000

Système de fichiers : NTFS

 

Recherche executé en mode normal

 

*** Recherche Programmes installés ***

 

 

*** Recherche dossiers dans "C:\Windows" ***

 

 

*** Recherche dossiers dans "C:\Program Files" ***

 

 

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

 

 

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***

 

 

*** Recherche dossiers dans "C:\ProgramData" ***

 

 

*** Recherche dossiers dans "c:\users\musique\appdata\roaming\micros~1\windows\startm~1\programs" ***

 

 

*** Recherche dossiers dans "C:\Users\Musique\AppData\Local\virtualstore\Program Files" ***

 

 

*** Recherche dossiers dans "C:\Users\Musique\AppData\Roaming" ***

 

 

*** Recherche dossiers dans "C:\Users\IUSR_N~1\appdata\roaming" ***

 

 

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***

pour + d'infos : http://www.gmer.net

 

 

 

*** Recherche avec GenericNaviSearch ***

!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!

!!! A vérifier impérativement avant toute suppression manuelle !!!

 

* Recherche dans "C:\Windows\system32" *

 

* Recherche dans "C:\Users\Musique\AppData\Local\Microsoft" *

 

* Recherche dans "C:\Users\Musique\AppData\Local\virtualstore\windows\system32" *

 

* Recherche dans "C:\Users\Musique\AppData\Local" *

 

* Recherche dans "C:\Users\IUSR_N~1\AppData\Local" *

 

 

 

*** Recherche fichiers ***

 

 

 

*** Recherche clés spécifiques dans le Registre ***

 

 

*** Module de Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Recherche nouveaux fichiers Instant Access :

 

 

2)Recherche Heuristique :

 

* Dans "C:\Windows\system32" :

 

 

* Dans "C:\Users\Musique\AppData\Local\Microsoft" :

 

 

* Dans "C:\Users\Musique\AppData\Local\virtualstore\windows\system32" :

 

 

* Dans "C:\Users\Musique\AppData\Local" :

 

owuuc.dat trouvé !

owuuc.exe trouvé !

owuuc_nav.dat trouvé !

owuuc_navps.dat trouvé !

 

* Dans "C:\Users\IUSR_N~1\AppData\Local" :

 

 

3)Recherche Certificats :

 

Certificat Egroup trouvé !

Certificat Electronic-Group trouvé !

Certificat Montorgueil absent !

Certificat OOO-Favorit trouvé !

Certificat Sunny-Day-Design-Ltd absent !

 

4)Recherche fichiers connus :

 

 

 

*** Analyse terminée le 11/10/2008 à 15:58:13,88 ***

 

---------------------------------------------------------------------------------------------

2/ résultat random :

 

log.txt :

 

Logfile of random's system information tool 1.04 (written by random/random)

Run by Musique at 2008-10-11 16:19:44

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1

System drive C: has 51 GB (22%) free of 233 GB

Total RAM: 1022 MB (39% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:20:11, on 11/10/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe

C:\Program Files\DNA\btdna.exe

C:\Users\Musique\AppData\Local\owuuc.exe

C:\Program Files\Belkin\F5D7001v2000\Belkinwcui.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Belkin\F5D7001v2000\ChkDev.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\explorer.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Musique\Desktop\RSIT.exe

C:\Users\Musique\Downloads\Musique.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox?client=firefo...lla:fr:official

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [owuuc] "c:\users\musique\appdata\local\owuuc.exe" owuuc

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Belkin Wireless Utility.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll

O13 - Gopher Prefix:

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200707...ex/qtplugin.cab

O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/s...te/certdgi1.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{18F08A79-7A08-4956-A04C-2A71AA129724}: NameServer = 212.27.53.252,212.27.54.252

O17 - HKLM\System\CCS\Services\Tcpip\..\{19683802-A484-4C5B-8D8F-A02BD7D585B0}: NameServer = 212.27.53.252,212.27.54.252

O17 - HKLM\System\CS1\Services\Tcpip\..\{18F08A79-7A08-4956-A04C-2A71AA129724}: NameServer = 212.27.53.252,212.27.54.252

O17 - HKLM\System\CS2\Services\Tcpip\..\{18F08A79-7A08-4956-A04C-2A71AA129724}: NameServer = 212.27.53.252,212.27.54.252

O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\wltrysvc.exe

 

--

End of file - 11057 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Norton Internet Security - Analyse système complète - Musique.job

C:\Windows\tasks\User_Feed_Synchronization-{A02B80C3-19AF-4998-8EE4-AC6D99F106F1}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]

ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

""= []

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"avgnt"=C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [2008-08-04 266497]

"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]

"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

""= []

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-09-30 20480]

"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-02 342336]

"owuuc"=c:\users\musique\appdata\local\owuuc.exe [2008-10-10 323584]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]

FactoryMode []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSP24]

Dsp24Set.exe /n []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]

C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

c:\hp\support\hpsysdrv.exe [2006-09-28 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-04-19 151552]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-09-30 20480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]

C:\Program Files\Pando Networks\Pando\Pando.exe [2008-02-14 6051144]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2007-07-07 171448]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-11-02 185632]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]

C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2008-09-30 450560]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]

C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2008-05-02 805392]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Musique^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]

C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE [2008-01-21 393216]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Belkin Wireless Utility.lnk - C:\Program Files\Belkin\F5D7001v2000\Belkinwcui.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00a87885-7845-11dd-acd0-001a923038f7}]

shell\AutoRun\command - K:\EmDesk.exe

shell\EmDesk\command - K:\EmDesk.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e99bd76a-7cd7-11dd-acd3-001a923038f7}]

shell\AutoRun\command - L:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f582d139-5eb8-11dc-b30b-001a923038f7}]

shell\AutoRun\command - J:\introRMX.exe

 

 

======File associations======

 

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

.cpl - cplopen -

 

======List of files/folders created in the last 1 months======

 

2008-10-11 16:19:44 ----D---- C:\rsit

2008-10-11 14:47:34 ----A---- C:\fixnavi.txt

2008-10-11 14:46:09 ----D---- C:\Program Files\Navilog1

2008-10-09 11:38:03 ----D---- C:\ProgramData\eMule

2008-10-08 16:08:13 ----D---- C:\ProgramData\WindowsSearch

2008-10-07 21:06:39 ----D---- C:\ConvertTemp

2008-10-06 18:15:12 ----D---- C:\Program Files\eMule

2008-10-02 15:28:45 ----D---- C:\Users\Musique\AppData\Roaming\BitTorrent

2008-10-02 15:28:35 ----D---- C:\Users\Musique\AppData\Roaming\DNA

2008-10-02 15:28:35 ----D---- C:\Program Files\DNA

2008-10-02 15:28:35 ----D---- C:\Program Files\BitTorrent

2008-09-30 13:57:34 ----D---- C:\NVIDIA

2008-09-30 09:48:48 ----A---- C:\Windows\system32\BtCoreIf.dll

2008-09-30 09:47:53 ----D---- C:\Program Files\Common Files\Logishrd

2008-09-29 11:20:57 ----A---- C:\Windows\system32\wltrysvc.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\wltrynt.dll

2008-09-29 11:20:57 ----A---- C:\Windows\system32\wltray.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\preflib.dll

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwlu00.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwltry.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwls32.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwls.ini

2008-09-29 11:20:56 ----A---- C:\Windows\system32\WLBCGCBPRO731.DLL

2008-09-29 11:20:56 ----A---- C:\Windows\system32\bcmwlpkt.dll

2008-09-29 11:20:56 ----A---- C:\Windows\system32\bcmwliss.dll

2008-09-29 11:20:56 ----A---- C:\Windows\system32\BCMLogon.dll

2008-09-29 11:20:56 ----A---- C:\Windows\system32\bcm1xsup.dll

2008-09-29 11:20:51 ----D---- C:\Program Files\Belkin

2008-09-20 22:59:40 ----D---- C:\Program Files\HomePlayer

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwssr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwss.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwgf2um.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvsvc.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvitvsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvitvs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvudisp.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvoglv32.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmoblsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmobls.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccssr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccss.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccsrs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvgamesr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvgames.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvdispsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvdisps.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcuda.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcpl.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcolor.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcodhins.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcodh.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcod134.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcod.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\dpinst.exe

2008-09-15 09:03:51 ----A---- C:\Windows\system32\GEARAspi.dll

2008-09-15 09:03:50 ----DC---- C:\Windows\system32\DRVSTORE

2008-09-15 09:03:12 ----D---- C:\Program Files\iPod

2008-09-15 09:03:03 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

 

======List of files/folders modified in the last 1 months======

 

2008-10-11 16:20:00 ----D---- C:\Windows\Temp

2008-10-11 15:58:02 ----D---- C:\Windows\System32

2008-10-11 14:54:13 ----D---- C:\Program Files\Mozilla Firefox

2008-10-11 14:46:09 ----RD---- C:\Program Files

2008-10-11 12:49:18 ----D---- C:\Windows

2008-10-11 02:25:49 ----SHD---- C:\System Volume Information

2008-10-10 20:21:25 ----D---- C:\Program Files\AntiVir PersonalEdition Classic

2008-10-10 20:21:22 ----D---- C:\Windows\AntiVir PersonalEdition Classic

2008-10-10 18:28:22 ----A---- C:\Windows\win.ini

2008-10-10 15:41:05 ----D---- C:\Program Files\Common Files\Adobe

2008-10-10 15:04:36 ----D---- C:\ProgramData\Adobe

2008-10-10 15:03:47 ----D---- C:\Users\Musique\AppData\Roaming\Adobe

2008-10-10 14:10:18 ----D---- C:\Users\Musique\AppData\Roaming\OpenOffice.org2

2008-10-09 17:14:41 ----RSD---- C:\Windows\Fonts

2008-10-09 11:38:03 ----HD---- C:\ProgramData

2008-10-07 20:58:47 ----A---- C:\Windows\system32\PerfStringBackup.INI

2008-10-07 20:58:46 ----D---- C:\Windows\inf

2008-10-07 20:57:40 ----D---- C:\Windows\Prefetch

2008-09-30 14:05:29 ----D---- C:\ProgramData\NVIDIA

2008-09-30 13:58:54 ----D---- C:\Windows\system32\drivers

2008-09-30 13:58:42 ----D---- C:\Windows\system32\catroot2

2008-09-30 13:58:42 ----D---- C:\Windows\system32\catroot

2008-09-30 09:51:06 ----SHD---- C:\Windows\Installer

2008-09-30 09:49:04 ----D---- C:\Program Files\Common Files\Logitech

2008-09-30 09:47:56 ----HD---- C:\Program Files\InstallShield Installation Information

2008-09-30 09:47:53 ----D---- C:\Program Files\Common Files

2008-09-29 11:29:08 ----SD---- C:\ProgramData\Microsoft

2008-09-29 11:21:57 ----D---- C:\Windows\pss

2008-09-27 15:02:31 ----D---- C:\Program Files\Mozilla Thunderbird

2008-09-24 13:48:10 ----D---- C:\Program Files\sauvegardes

2008-09-24 12:33:49 ----HD---- C:\Windows\system32\GroupPolicy

2008-09-24 12:29:28 ----D---- C:\Windows\Minidump

2008-09-24 12:11:16 ----RD---- C:\Users

2008-09-23 11:36:30 ----D---- C:\Users\Musique\AppData\Roaming\dvdcss

2008-09-19 19:47:08 ----D---- C:\Program Files\Adobe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvc.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmctray.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvd3dum.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcpluir.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcplui.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvapi.dll

2008-09-16 21:27:12 ----A---- C:\Windows\system32\nvuninst.exe

2008-09-15 09:03:44 ----D---- C:\Program Files\iTunes

2008-09-15 09:03:02 ----D---- C:\ProgramData\Apple Computer

2008-09-15 09:01:31 ----D---- C:\Program Files\Bonjour

2008-09-15 09:01:03 ----D---- C:\Program Files\QuickTime

2008-09-15 09:00:09 ----D---- C:\Program Files\Common Files\Apple

2008-09-15 08:55:27 ----D---- C:\Windows\Debug

2008-09-15 08:50:20 ----D---- C:\Program Files\Safari

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-08-04 75072]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-04-28 5632]

R3 avgntflt;avgntflt; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-31 52032]

R3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

R3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]

R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]

R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]

R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]

R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]

R3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-06 1119616]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

S3 3xHybrid;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-09-19 2807936]

S3 61883;Pilote d'unité 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]

S3 aqcqsspe;aqcqsspe; C:\Windows\system32\drivers\aqcqsspe.sys []

S3 Avc;Périphérique AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]

S3 catchme;catchme; \??\C:\Users\Musique\AppData\Local\Temp\catchme.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 DSP24_MK;Service for DSP24/MKII Driver (EWDM); C:\Windows\system32\drivers\d24.sys [2004-10-21 28480]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 ICM2_01;Service for DSP24 Audio Driver (EWDM); C:\Windows\system32\drivers\D24Wdm.sys [2004-10-21 22944]

S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]

S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]

S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]

S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]

S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]

S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]

S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [2006-07-13 4608]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-07-22 32000]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

S3 Wdf0diitr;Wdf0diitr; C:\Windows\system32\drivers\Wdf0diitr.sys []

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [2008-08-04 68865]

R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [2008-08-14 149761]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]

R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-04-19 81920]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]

R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Windows\System32\wltrysvc.exe [2006-01-20 18944]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-02 654848]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]

S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []

S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

S3 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]

S3 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]

S3 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-09-01 26624]

S3 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]

S3 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]

S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe []

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe [2008-01-18 5750784]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-05 138168]

 

-----------------EOF-----------------

 

 

 

info.txt

 

info.txt logfile of random's system information tool 1.04 2008-10-11 16:20:18

 

======Uninstall list======

 

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->MsiExec.exe /I{3BF1390E-9EAE-4C2A-B30C-3992233FBCBA}

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}

Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}

Adobe Contribute CS3-->MsiExec.exe /I{F84ADE4E-9220-4324-994D-801EDD9DD251}

Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{5D2398DF-3022-4820-93BA-F1175FBEA9CA}

Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}

Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}

Adobe Encore CS3-->MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}

Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}

Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}

Adobe Fireworks CS3-->MsiExec.exe /I{21C4D775-368A-46C4-8DC3-4207165B7115}

Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}

Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}

Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}

Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}

Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}

Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}

Adobe InDesign CS3-->MsiExec.exe /I{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}

Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS3-->MsiExec.exe /I{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}

Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002}

Adobe Setup-->MsiExec.exe /I{1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}

Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}

Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log

Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}

Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}

Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log

Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe Version Cue CS3 Server {ko_KR} -->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}

Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}

Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}

Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}

AFPL Ghostscript 8.51-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.51\uninstal.txt"

AFPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt"

AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}

Ajouter ou supprimer Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b5d5789539ea1f004a4defceea74312\Setup.exe

ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"

ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"

Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Atomic Mail Verifier 5.00-->"C:\Program Files\AtomPark\Atomic Mail Verifier\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Belkin Wireless G Plus Desktop Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D59CAED6-39AF-4F87-AD40-C10C3906B7A4}\setup.exe" -l0x9 -removeonly

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

Build-a-lot Deluxe-->"C:\Program Files\Zylom Games\Build-a-lot Deluxe\GameInstlr.exe" --uninstall UnInstall.log

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}

Ciel Professionnel Indépendant-->C:\Windows\IsUn040c.exe -fC:\CIEL\WPI\Uninst.isu

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DreamStation DXi2-->C:\WINDOWS\DSDXIRMV.EXE C:\PROGRAM FILES\CAKEWALK\SHARED DXI\AUDIO SIMULATION\DREAMSTATION DXI2

eMule-->"C:\Program Files\eMule\Uninstall.exe"

EPSON Printer Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

Favorit-->c:\users\musique\appdata\local\zgbuae.bat

FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"

FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul

Free Mp3 Wma Converter V 1.6.2-->"C:\Program Files\Free Audio Pack\unins000.exe"

Fx Audio Converter-->C:\PROGRA~1\FXAUDI~1\UNWISE.EXE C:\PROGRA~1\FXAUDI~1\INSTALL.LOG

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

GSview 4.7-->C:\Program Files\Ghostgum\gsview\uninstgs.exe "C:\Program Files\Ghostgum\gsview\uninstal.txt"

High Speed Verifier-->C:\Program Files\Tweak Marketing\High Speed Verifier\uninstall.exe

HijackThis 2.0.2-->"C:\Users\Musique\Downloads\HijackThis.exe" /uninstall

HomePlayer 1.5.6b-->C:\Program Files\HomePlayer\uninst.exe

HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly

HP Easy Setup - Core-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9

HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly

HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}

HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}

iLike Sidebar-->MsiExec.exe /X{77A82F70-2806-4269-9ACC-EE6E67A35BAC}

Intel® Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe

iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}

KaraFun 1.18-->"C:\Program Files\KaraFun\unins000.exe"

KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}

Le Monde de Nemo-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3B26434C-FFA8-4A9C-A9C9-E8EE9C4E89D4} NemoADVUninstall

Live Email Verifier Professional-->"C:\ProgramData\{64A9508D-C4D0-4313-A727-D098EE6E9C63}\email_verifier_pro_setup.exe" REMOVE=TRUE MODIFY=FALSE

Logiciel Intel® Viiv™-->MsiExec.exe /X{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B} /qb!

Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL

Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG

Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly

MainConcept for Software Encoder-->c:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}

Mastering Edition 1.5-->C:\PROGRA~1\SPECTR~1\MASTER~1\UNWISE.EXE C:\PROGRA~1\SPECTR~1\MASTER~1\INSTALL.LOG

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}

Monopoly-->C:\Windows\IsUn040c.exe -f"C:\Program Files\Hasbro Interactive\Monopoly\Uninst.isu"

MozBackup 1.4.6-->"C:\Program Files\MozBackup\unins000.exe"

Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Thunderbird (2.0.0.17)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

Navilog1 3.6.6-->"C:\Program Files\Navilog1\unins000.exe"

Nomad Factory SC-226-->C:\PROGRA~1\NOMADF~1\SC-226\UNINST~1\UNWISE.EXE C:\PROGRA~1\NOMADF~1\SC-226\UNINST~1\INSTALL.LOG

NomadFactory Essential Studio Suite VST v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\ESSv1.0\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\ESSv1.0\INSTALL.LOG

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"

OcxSetup-->MsiExec.exe /I{C3DC29BC-A8CF-4578-9DFC-37F049C44771}

OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}

Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe

Pando-->MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}

Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}

PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

Photo Service Edition-->"C:\Program Files\Photo Service Edition\unins000.exe"

PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"

Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"

Pro Email Verifier1.21-->C:\Program Files\Pro Email Verifier\Uninstall.exe

Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m

Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}

Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}

SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u

SONAR 6 Producer Edition-->"C:\Program Files\Cakewalk\SONAR 6 Producer Edition\unins000.exe"

Sonic Foundry CD Architect 5.0-->MsiExec.exe /I{28C80CD6-14DF-42E7-B460-CBF194A6439C}

SynthFont Version 1.121-->"C:\Program Files\SynthFont\unins000.exe"

VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Vocal Rack Trial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6CA280F4-B354-4167-A262-ABE8347109D2}\Setup.exe" -l0x40c

Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe

WampServer 2.0-->"c:\wamp\unins000.exe"

Waves Diamond Bundle 4.05-->C:\PROGRA~1\Waves\DIAMON~1\UNWISE.EXE C:\PROGRA~1\Waves\DIAMON~1\INSTALL.LOG

Waves SSL Collection v1.2-->C:\PROGRA~1\Waves\AIRLOG~1\WAVESS~1.2\UNWISE.EXE C:\PROGRA~1\Waves\AIRLOG~1\WAVESS~1.2\INSTALL.LOG

Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WinSCP 4.0.5-->"C:\Program Files\WinSCP\unins000.exe"

Worms Armageddon-->C:\Windows\IsUninst.exe -f"c:\Team17\Worms Armageddon\Uninst.isu"

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition

AV: Norton Internet Security

FW: Norton Internet Security

AS: Avira AntiVir PersonalEdition

AS: Windows Defender

AS: Norton Internet Security

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ESTsoft\ALZip;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel

"PROCESSOR_REVISION"=0f02

"NUMBER_OF_PROCESSORS"=2

"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

"PLATFORM"=HPD

"PCBRAND"=Pavilion

"OnlineServices"=Services en ligne

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

 

-----------------EOF-----------------

Modifié le 11 octobre 2008 par cedlo

[Thanos]

salut cedlo

 

Je suis bien l'ex charles ingals

 

L'infection qui afficher des pubs sur ton pc est bien navipromo!

 

Elle est véhiculée par des logiciels qu'il faut fuir absolument!! en voici une liste non exhaustive pour ne pas tomber dans le piège à nouveau >

• go-astro
  
• GoRecord
  
• HotTVPlayer
  
• MailSkinner
  
• Messenger Skinner
  
• Instant Access
  
• InternetGameBox
  
• sudoplanet
  
• Webmediaplayer sauf celui provenant du site suivant > http://www.azertysite.new.fr/
  

D'une manière générale, méfie toi des utilitaires que tu télécharges!!Utilise Google pour voir si c'e n'est pas un logiciel qui installe un spyware : une simple recherche de quelques minutes te permettra de te faire une idée.

Par exemple : fais une recherche sur MessengerSkinner et tu verras le nombre de discussion ou les gens se plaignent de publicité intempestives ....

Plus d'infos sur le site de Malekal Morte dont les infos sont tirées > http://www.malekal.com/popupsintempestives.php

 

Voilà une autre liste (chez Assiste.com) que tu peux consulter avant d'installer un antispyware si tu es amené à le faire : elle recense tout un tas de faux utilitaires qui n'ont aucune efficacité, et qui peuvent même être dangereux car pas fiables : http://assiste.com.free.fr/p/craptheque/craptheque.html

D'autres apparaissent chaque jour (ou presque) ! aussi une recherche encore une fois avant d'installer quoique ce soit!!

*************

 

La suite de la procédure >>

 

1°) Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.

• Au menu principal, choisis 2 et valide.
  
• Le fix va t'informer qu'il va alors redémarrer ton PC
  
• Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
  
• Appuie sur une touche comme demandé.(si ton Pc ne redémarre pas automatiquement, fais le toi même)
  
• Au redémarrage de ton PC, choisis ta session habituelle.Patiente jusqu'au message :

  *** Nettoyage Termine le ..... ***

• Le bloc note va s'ouvrir: sauvegarde le rapport de manière à le retrouver.
  
• Referme le bloc note. Ton bureau va réapparaitre
  

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.

Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"

Tape explorer et valide. Celà te fera apparaitre ton bureau.

Si tu ne trouve pas le rapport, il se nomme cleannavi.txt et se trouve dans C:\

 

2°) Nous allons faire un scan rapide de ton pc avec un programme que tu pourras conserver >>

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

• Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  
• Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  
• Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  
• Sélectionne "Exécuter un examen rapide"
  
• Clique sur "Rechercher"
  
• L'analyse démarre, le scan est relativement long, c'est normal.
  
• A la fin de l'analyse, un message s'affiche :

  L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  
• Ferme tes navigateurs.
  
• Si des malwares ont été détectés, clique sur Afficher les résultats.
  Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  
• MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
  

Poste les deux rapports stp

[cedlo]

Salut Thanos,

 

Tout d'abord merci pour ton aide. Je suis assez étonnée par les sites ou logiciels dont tu parles car j'essaie de faire très attention à ce que je télécharge. Je travaille sur Internet, c'est mon job, et je suis assez vigilante. As-tu, par rapport à mes premières réponses, une indication sur l'origine exacte des infections ?

 

Voici donc les deux rapports (il y avait une infection qui a été supprimée dans Malwarebytes' Anti-Malware) :

cleannavi :

 

Clean Navipromo version 3.6.6 commencé le 12/10/2008 à 19:19:25,66

 

Outil exécuté depuis C:\Program Files\navilog1

Session actuelle : "Musique"

 

Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO

 

Microsoft Windows Vista 6.0.6001

Internet Explorer : 7.0.6001.18000

Système de fichiers : NTFS

 

Mode suppression automatique

avec prise en charge résultats Catchme et GNS

 

 

Nettoyage exécuté au redémarrage de l'ordinateur

 

 

*** fsbl1.txt non trouvé ***

(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

 

 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

 

* Suppression dans "C:\Windows\System32" *

 

 

* Suppression dans "C:\Users\Musique\AppData\Local\Microsoft" *

 

 

* Suppression dans "C:\Users\Musique\AppData\Local\virtualstore\windows\system32" *

 

 

* Suppression dans "C:\Users\Musique\AppData\Local" *

 

 

* Suppression dans "C:\Users\IUSR_N~1\AppData\Local" *

 

 

 

*** Suppression dossiers dans "C:\Windows" ***

 

 

*** Suppression dossiers dans "C:\Program Files" ***

 

 

*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

 

 

*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***

 

 

*** Suppression dossiers dans "C:\ProgramData" ***

 

 

*** Suppression dossiers dans c:\users\musique\appdata\roaming\micros~1\windows\startm~1\programs ***

 

 

*** Suppression dossiers dans "C:\Users\IUSR_N~1\appdata\roaming\micros~1\windows\startm~1\programs" ***

 

 

*** Suppression dossiers dans "C:\Users\Musique\AppData\Local\virtualstore\Program Files" ***

 

 

*** Suppression dossiers dans "C:\Users\Musique\AppData\Roaming" ***

 

 

*** Suppression dossiers dans "C:\Users\IUSR_N~1\appdata\roaming" ***

 

 

 

*** Suppression fichiers ***

 

 

*** Suppression fichiers temporaires ***

 

Nettoyage contenu C:\Windows\Temp effectué !

Nettoyage contenu C:\Users\Musique\AppData\Local\Temp effectué !

 

*** Traitement Recherche complémentaire ***

(Recherche fichiers spécifiques)

 

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

 

2)Recherche, création sauvegardes et suppression Heuristique :

 

 

* Dans "C:\Windows\system32" *

 

 

* Dans "C:\Users\Musique\AppData\Local\Microsoft" *

 

 

* Dans "C:\Users\Musique\AppData\Local\virtualstore\windows\system32" *

 

 

* Dans "C:\Users\Musique\AppData\Local" *

 

 

owuuc.exe trouvé !

Copie owuuc.exe réalisée avec succès !

owuuc.exe supprimé !

 

owuuc.dat trouvé !

Copie owuuc.dat réalisée avec succès !

owuuc.dat supprimé !

 

owuuc_nav.dat trouvé !

Copie owuuc_nav.dat réalisée avec succès !

owuuc_nav.dat supprimé !

 

owuuc_navps.dat trouvé !

Copie owuuc_navps.dat réalisée avec succès !

owuuc_navps.dat supprimé !

 

 

* Dans "C:\Users\IUSR_N~1\AppData\Local" *

 

 

*** Sauvegarde du Registre vers dossier Safebackup ***

 

sauvegarde du Registre réalisée avec succès !

 

*** Nettoyage Registre ***

 

Nettoyage Registre Ok

 

 

*** Certificats ***

 

Certificat Egroup supprimé !

Certificat Electronic-Group supprimé !

Certificat Montorgueil absent !

Certificat OOO-Favorit supprimé !

Certificat Sunny-Day-Design-Ltdt absent !

 

 

*** Nettoyage terminé le 12/10/2008 à 19:27:23,08 ***

 

et mbam-log-2008-10-12 (19-45-54) :

 

Malwarebytes' Anti-Malware 1.28

Version de la base de données: 1261

Windows 6.0.6001 Service Pack 1

 

12/10/2008 19:45:54

mbam-log-2008-10-12 (19-45-54).txt

 

Type de recherche: Examen rapide

Eléments examinés: 46737

Temps écoulé: 4 minute(s), 6 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 1

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

[Thanos]

salut

 

Je suis assez étonnée par les sites ou logiciels dont tu parles car j'essaie de faire très attention à ce que je télécharge. Je travaille sur Internet, c'est mon job, et je suis assez vigilante. As-tu, par rapport à mes premières réponses, une indication sur l'origine exacte des infections ?

Il n'y a qu'une infection visible sur ton pc et elle a été nettoyée par navilog1 La liste des programmes que je cite n'est pas exhaustive et il se peut qu'il y en ait d'autres qui installent l'infection! Disons que ce sont les vecteurs les plus connus.

Normalement Antivir connait cette infection, donc j'imagine que le pc était déjà infecté lorsque Norton protégait le pc.

A ce propos, il y a des restes de Norton sur ton pc que tu peux éliminer comme ceci >>

 

* Télécharge Norton_Removal_Tool sur ton bureau.

 

Double clique sur l'icône de Norton Removal tool pour lancer l'utilitaire. Suis les indications à l'écran : il est possible que tu doives redémarrer plusieurs fois.

 

* Utilise ce petit programme pour nettoyer les anciennes version de la Console Java, car elles contiennent des failles de sécurité >>

 

Télécharge JavaRa.zip de Paul McLain et Fred de Vries.

• Décompresse le fichier sur ton bureau (clic droit > Extraire tout)
  
• Double-clique sur le répertoire JavaRa obtenu
  
• Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher)
  
• Une boite va s'ouvrir te demandant de sélectionner le langage, fais ton choix puis clique sur Select.
  
• Clique sur Search For Updates
  
• Sélectionne Update Using jucheck.exe puis clique sur Search
  
• Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
  
• Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions
  
• Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
  
• Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
  Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log (c:\JavaRa.log)
  
• Ferme l'application
  

* Tu peux passer par le Menu Ajouter/Supprimer des Programmes et désinstaller Navilog. Elimine ensuite le dossier nommé navilog1 qui se trouve dans le répertoire C:\Program Files

 

Poste le rapport de JavaRa stp ainsi qu'un rapport de scan fait avec RSIT

Modifié le 13 octobre 2008 par Thanos

[cedlo]

Alors voici mes rapports mais d'abord, lorsque j'ai suivi tes consignes à savoir :

[*]Sélectionne Update Using jucheck.exe puis clique sur Search

[*]Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.

[*]Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions

il ne s'est rien passé, aucune proposition. J'ai donc cliqué surRemove Older Versions

 

JavaRa.log :

 

JavaRa 1.11 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Mon Oct 13 17:24:16 2008

 

Found and removed: C:\Program Files\Java\jre-6u2-windows-i586-p.exe

 

Found and removed: C:\Program Files\Java\jre1.6.0

 

Found and removed: C:\Program Files\Java\jre1.6.0_01

 

Found and removed: C:\Program Files\Java\jre1.6.0_02

 

Found and removed: C:\Program Files\Java\jre1.6.0_03

 

Found and removed: C:\Program Files\Java\jre1.6.0_04

 

Found and removed: C:\Program Files\Java\jre1.6.0_05

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_02

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_04

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_05

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610000

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610000

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160000}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\JavaPlugin.160

 

Found and removed: Software\Classes\JavaPlugin.160_01

 

Found and removed: Software\Classes\JavaPlugin.160_02

 

Found and removed: Software\Classes\JavaPlugin.160_03

 

Found and removed: Software\Classes\JavaPlugin.160_04

 

Found and removed: Software\Classes\JavaPlugin.160_05

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_01.b06\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_04.b12\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

 

Found and removed: Software\JavaSoft\Java2D\1.6.0

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_02

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_05

 

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

 

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02

 

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

 

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

 

 

 

log.txt :

 

Logfile of random's system information tool 1.04 (written by random/random)

Run by Musique at 2008-10-13 17:27:59

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1

System drive C: has 54 GB (23%) free of 233 GB

Total RAM: 1022 MB (31% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:28:15, on 13/10/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe

C:\Program Files\DNA\btdna.exe

C:\Program Files\Belkin\F5D7001v2000\Belkinwcui.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Belkin\F5D7001v2000\ChkDev.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\explorer.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\System32\mobsync.exe

C:\Windows\Explorer.EXE

C:\Users\Musique\Desktop\JavaRa.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Users\Musique\Desktop\RSIT.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Musique\Downloads\Musique.exe

C:\Windows\system32\NOTEPAD.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox?client=firefo...lla:fr:official

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Belkin Wireless Utility.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll

O13 - Gopher Prefix:

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200707...ex/qtplugin.cab

O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/s...te/certdgi1.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{18F08A79-7A08-4956-A04C-2A71AA129724}: NameServer = 212.27.53.252,212.27.54.252

O17 - HKLM\System\CCS\Services\Tcpip\..\{19683802-A484-4C5B-8D8F-A02BD7D585B0}: NameServer = 212.27.53.252,212.27.54.252

O17 - HKLM\System\CS1\Services\Tcpip\..\{18F08A79-7A08-4956-A04C-2A71AA129724}: NameServer = 212.27.53.252,212.27.54.252

O17 - HKLM\System\CS2\Services\Tcpip\..\{18F08A79-7A08-4956-A04C-2A71AA129724}: NameServer = 212.27.53.252,212.27.54.252

O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\wltrysvc.exe

 

--

End of file - 10996 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Norton Internet Security - Analyse système complète - Musique.job

C:\Windows\tasks\User_Feed_Synchronization-{A02B80C3-19AF-4998-8EE4-AC6D99F106F1}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]

ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-19 2436160]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

""= []

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"avgnt"=C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [2008-08-04 266497]

"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]

"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

""= []

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-09-30 20480]

"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-02 342336]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]

FactoryMode []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSP24]

Dsp24Set.exe /n []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]

C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

c:\hp\support\hpsysdrv.exe [2006-09-28 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-04-19 151552]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2008-09-30 20480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]

C:\Program Files\Pando Networks\Pando\Pando.exe [2008-02-14 6051144]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2007-07-07 171448]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-11-02 185632]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]

C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2008-09-30 450560]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]

C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2008-05-02 805392]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Musique^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]

C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE [2008-01-21 393216]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Belkin Wireless Utility.lnk - C:\Program Files\Belkin\F5D7001v2000\Belkinwcui.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00a87885-7845-11dd-acd0-001a923038f7}]

shell\AutoRun\command - K:\EmDesk.exe

shell\EmDesk\command - K:\EmDesk.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e99bd76a-7cd7-11dd-acd3-001a923038f7}]

shell\AutoRun\command - L:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f582d139-5eb8-11dc-b30b-001a923038f7}]

shell\AutoRun\command - J:\introRMX.exe

 

 

======File associations======

 

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

.cpl - cplopen -

 

======List of files/folders created in the last 1 months======

 

2008-10-13 17:10:03 ----D---- C:\ProgramData\NortonInstaller

2008-10-12 19:36:39 ----D---- C:\Users\Musique\AppData\Roaming\Malwarebytes

2008-10-12 19:36:33 ----D---- C:\ProgramData\Malwarebytes

2008-10-12 19:36:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-10-12 19:19:25 ----A---- C:\cleannavi.txt

2008-10-11 16:19:44 ----D---- C:\rsit

2008-10-11 14:47:34 ----A---- C:\fixnavi.txt

2008-10-09 11:38:03 ----D---- C:\ProgramData\eMule

2008-10-08 16:08:13 ----D---- C:\ProgramData\WindowsSearch

2008-10-07 21:06:39 ----D---- C:\ConvertTemp

2008-10-06 18:15:12 ----D---- C:\Program Files\eMule

2008-10-02 15:28:45 ----D---- C:\Users\Musique\AppData\Roaming\BitTorrent

2008-10-02 15:28:35 ----D---- C:\Users\Musique\AppData\Roaming\DNA

2008-10-02 15:28:35 ----D---- C:\Program Files\DNA

2008-10-02 15:28:35 ----D---- C:\Program Files\BitTorrent

2008-09-30 13:57:34 ----D---- C:\NVIDIA

2008-09-30 09:48:48 ----A---- C:\Windows\system32\BtCoreIf.dll

2008-09-30 09:47:53 ----D---- C:\Program Files\Common Files\Logishrd

2008-09-29 11:20:57 ----A---- C:\Windows\system32\wltrysvc.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\wltrynt.dll

2008-09-29 11:20:57 ----A---- C:\Windows\system32\wltray.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\preflib.dll

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwlu00.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwltry.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwls32.exe

2008-09-29 11:20:57 ----A---- C:\Windows\system32\bcmwls.ini

2008-09-29 11:20:56 ----A---- C:\Windows\system32\WLBCGCBPRO731.DLL

2008-09-29 11:20:56 ----A---- C:\Windows\system32\bcmwlpkt.dll

2008-09-29 11:20:56 ----A---- C:\Windows\system32\bcmwliss.dll

2008-09-29 11:20:56 ----A---- C:\Windows\system32\BCMLogon.dll

2008-09-29 11:20:56 ----A---- C:\Windows\system32\bcm1xsup.dll

2008-09-29 11:20:51 ----D---- C:\Program Files\Belkin

2008-09-20 22:59:40 ----D---- C:\Program Files\HomePlayer

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwssr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwss.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwgf2um.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvsvc.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvitvsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvitvs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvudisp.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvoglv32.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmoblsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmobls.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccssr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccss.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccsrs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccs.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvgamesr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvgames.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvdispsr.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvdisps.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcuda.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcpl.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcolor.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcodhins.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcodh.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcod134.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcod.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\dpinst.exe

2008-09-15 09:03:51 ----A---- C:\Windows\system32\GEARAspi.dll

2008-09-15 09:03:50 ----DC---- C:\Windows\system32\DRVSTORE

2008-09-15 09:03:12 ----D---- C:\Program Files\iPod

2008-09-15 09:03:03 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

 

======List of files/folders modified in the last 1 months======

 

2008-10-13 17:28:04 ----D---- C:\Windows\Temp

2008-10-13 17:26:44 ----RD---- C:\Program Files

2008-10-13 17:24:25 ----D---- C:\Program Files\Java

2008-10-13 17:13:16 ----HD---- C:\ProgramData

2008-10-13 17:04:14 ----A---- C:\Windows\win.ini

2008-10-13 17:02:56 ----SHD---- C:\System Volume Information

2008-10-13 14:41:07 ----D---- C:\ProgramData\Roxio

2008-10-13 11:32:20 ----D---- C:\Users\Musique\AppData\Roaming\OpenOffice.org2

2008-10-13 11:21:48 ----D---- C:\Program Files\Mozilla Firefox

2008-10-13 11:17:19 ----D---- C:\Windows

2008-10-12 20:22:34 ----D---- C:\Program Files\AntiVir PersonalEdition Classic

2008-10-12 20:22:30 ----D---- C:\Windows\AntiVir PersonalEdition Classic

2008-10-12 19:36:36 ----D---- C:\Windows\system32\drivers

2008-10-12 19:27:22 ----D---- C:\Windows\System32

2008-10-10 15:41:05 ----D---- C:\Program Files\Common Files\Adobe

2008-10-10 15:04:36 ----D---- C:\ProgramData\Adobe

2008-10-10 15:03:47 ----D---- C:\Users\Musique\AppData\Roaming\Adobe

2008-10-09 17:14:41 ----RSD---- C:\Windows\Fonts

2008-10-07 20:58:47 ----A---- C:\Windows\system32\PerfStringBackup.INI

2008-10-07 20:58:46 ----D---- C:\Windows\inf

2008-10-07 20:57:40 ----D---- C:\Windows\Prefetch

2008-09-30 14:05:29 ----D---- C:\ProgramData\NVIDIA

2008-09-30 13:58:42 ----D---- C:\Windows\system32\catroot2

2008-09-30 13:58:42 ----D---- C:\Windows\system32\catroot

2008-09-30 09:51:06 ----SHD---- C:\Windows\Installer

2008-09-30 09:49:04 ----D---- C:\Program Files\Common Files\Logitech

2008-09-30 09:47:56 ----HD---- C:\Program Files\InstallShield Installation Information

2008-09-30 09:47:53 ----D---- C:\Program Files\Common Files

2008-09-29 11:29:08 ----SD---- C:\ProgramData\Microsoft

2008-09-29 11:21:57 ----D---- C:\Windows\pss

2008-09-27 15:02:31 ----D---- C:\Program Files\Mozilla Thunderbird

2008-09-24 13:48:10 ----D---- C:\Program Files\sauvegardes

2008-09-24 12:33:49 ----HD---- C:\Windows\system32\GroupPolicy

2008-09-24 12:29:28 ----D---- C:\Windows\Minidump

2008-09-24 12:11:16 ----RD---- C:\Users

2008-09-23 11:36:30 ----D---- C:\Users\Musique\AppData\Roaming\dvdcss

2008-09-19 19:47:08 ----D---- C:\Program Files\Adobe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvc.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmctray.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvd3dum.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcpluir.dll

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcplui.exe

2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvapi.dll

2008-09-16 21:27:12 ----A---- C:\Windows\system32\nvuninst.exe

2008-09-15 09:03:44 ----D---- C:\Program Files\iTunes

2008-09-15 09:03:02 ----D---- C:\ProgramData\Apple Computer

2008-09-15 09:01:31 ----D---- C:\Program Files\Bonjour

2008-09-15 09:01:03 ----D---- C:\Program Files\QuickTime

2008-09-15 09:00:09 ----D---- C:\Program Files\Common Files\Apple

2008-09-15 08:55:27 ----D---- C:\Windows\Debug

2008-09-15 08:50:20 ----D---- C:\Program Files\Safari

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-08-04 75072]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-04-28 5632]

R3 avgntflt;avgntflt; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-31 52032]

R3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

R3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]

R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]

R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]

R3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]

R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]

R3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-06 1119616]

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

R4 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

S3 3xHybrid;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-09-19 2807936]

S3 61883;Pilote d'unité 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]

S3 ad8y1uwn;ad8y1uwn; C:\Windows\system32\drivers\ad8y1uwn.sys []

S3 Avc;Périphérique AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]

S3 catchme;catchme; \??\C:\Users\Musique\AppData\Local\Temp\catchme.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 DSP24_MK;Service for DSP24/MKII Driver (EWDM); C:\Windows\system32\drivers\d24.sys [2004-10-21 28480]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 ICM2_01;Service for DSP24 Audio Driver (EWDM); C:\Windows\system32\drivers\D24Wdm.sys [2004-10-21 22944]

S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]

S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]

S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]

S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]

S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]

S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]

S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [2006-07-13 4608]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-07-22 32000]

S3 Wdf0diitr;Wdf0diitr; C:\Windows\system32\drivers\Wdf0diitr.sys []

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [2008-08-04 68865]

R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [2008-08-14 149761]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]

R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-04-19 81920]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]

R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Windows\System32\wltrysvc.exe [2006-01-20 18944]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-02 654848]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]

S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []

S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

S3 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]

S3 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]

S3 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-09-01 26624]

S3 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]

S3 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe [2008-01-18 5750784]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-05 138168]

 

-----------------EOF-----------------

[Thanos]

re!

 

il ne s'est rien passé, aucune proposition. J'ai donc cliqué surRemove Older Versions

Oui c'est normal j'aurais dû adapter mon speech! En fait il y a vait déjà la dernière version de Java sur ton pc (Java™ 6 Update 7), du coup lorsque tu as cliqué sur Update Using jucheck.exe > Search, il ne s'est rien passé.

Par contre l'outil a bien nettoyé toutes les anciennes versions présentes sur le pc (et fait de la place sur le disque dur au passage).

 

Une petite correction à faire >>

 

* Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-Ferme tous les programmes et clique sur "Fix Checked"

 

* Rend toi sur cette page afin de télécharger le fichier fix.reg sur ton Bureau => http://www.sendspace.com/file/caj5a9

pour cela, clique sur le lien en bas de page > Download Link: fixnortonservice.reg

Double-clique sur le fichier: au message qui s'affiche, clique sur OK pour faire fusionner le fichier avec le registre.

Elimine le fichier une fois l'opération effectuée.

 

* Par ailleurs, sache que tu peux désactiver ce service sans problème >> NVIDIA Display Driver Service

 

Va dans le menu Démarrer/Executer et tape : services.msc

 

Cherche le service suivant:NVIDIA Display Driver Service et double clique dessus:

-dans le champs"Status du service" sélectionne "arrêté"

-dans le champs"Type de démarrage" sélectionne"désactivé" puis "Appliquer" puis"ok"

 

Quitte les services.

 

Des infos à son propos ici >> http://www.zebulon.fr/dossiers/39-forceware.html

 

Comment fonctionne le pc ? tu ne dois plus avoir de pubs intempestives normalement.